|
|
@@ -52,6 +52,8 @@ class User < ApplicationRecord |
|
|
|
devise :registerable, :recoverable, :rememberable, :trackable, :validatable, |
|
|
|
:confirmable |
|
|
|
|
|
|
|
devise :pam_authenticatable if ENV['PAM_ENABLED'] == 'true' |
|
|
|
|
|
|
|
devise :omniauthable |
|
|
|
|
|
|
|
belongs_to :account, inverse_of: :user |
|
|
@@ -96,7 +98,7 @@ class User < ApplicationRecord |
|
|
|
|
|
|
|
def pam_conflict? |
|
|
|
return false unless Devise.pam_authentication |
|
|
|
encrypted_password.present? && is_pam_account? |
|
|
|
encrypted_password.present? && pam_managed_user? |
|
|
|
end |
|
|
|
|
|
|
|
def pam_get_name |
|
|
@@ -267,22 +269,22 @@ class User < ApplicationRecord |
|
|
|
end |
|
|
|
|
|
|
|
def self.pam_get_user(attributes = {}) |
|
|
|
if attributes[:email] |
|
|
|
resource = |
|
|
|
if Devise.check_at_sign && !attributes[:email].index('@') |
|
|
|
joins(:account).find_by(accounts: { username: attributes[:email] }) |
|
|
|
else |
|
|
|
find_by(email: attributes[:email]) |
|
|
|
end |
|
|
|
|
|
|
|
if resource.blank? |
|
|
|
resource = new(email: attributes[:email]) |
|
|
|
if Devise.check_at_sign && !resource[:email].index('@') |
|
|
|
resource[:email] = "#{attributes[:email]}@#{resource.find_pam_suffix}" |
|
|
|
end |
|
|
|
return nil unless attributes[:email] |
|
|
|
resource = |
|
|
|
if Devise.check_at_sign && !attributes[:email].index('@') |
|
|
|
joins(:account).find_by(accounts: { username: attributes[:email] }) |
|
|
|
else |
|
|
|
find_by(email: attributes[:email]) |
|
|
|
end |
|
|
|
|
|
|
|
if resource.blank? |
|
|
|
resource = new(email: attributes[:email]) |
|
|
|
if Devise.check_at_sign && !resource[:email].index('@') |
|
|
|
resource[:email] = Rpam2.getenv(resource.find_pam_service, attributes[:email], attributes[:password], 'email', false) |
|
|
|
resource[:email] = "#{attributes[:email]}@#{resource.find_pam_suffix}" unless resource[:email] |
|
|
|
end |
|
|
|
resource |
|
|
|
end |
|
|
|
resource |
|
|
|
end |
|
|
|
|
|
|
|
def self.ldap_get_user(attributes = {}) |
|
|
|